Network Security. Essentials. Chapter 2 презентация

Содержание

Слайд 2

Outline Symmetric encryption Block encryption algorithms Stream ciphers Cipher Block Modes

Outline

Symmetric encryption
Block encryption algorithms
Stream ciphers
Cipher Block Modes

Слайд 3

Symmetric Encryption or conventional / private-key / single-key sender and

Symmetric Encryption

or conventional / private-key / single-key
sender and recipient share a

common key
all classical encryption algorithms are private-key
was only type prior to invention of public-key in 1970’s
and by far most widely used
Слайд 4

Crypto Cryptology ⎯ The art and science of making and

Crypto

Cryptology ⎯ The art and science of making and breaking “secret

codes”
Cryptography ⎯ making “secret codes”
Cryptanalysis ⎯ breaking “secret codes”
Crypto ⎯ all of the above (and more)
Слайд 5

Some Basic Terminology plaintext - original message ciphertext - coded

Some Basic Terminology

plaintext - original message
ciphertext - coded message
cipher

- algorithm for transforming plaintext to ciphertext
key - info used in cipher known only to sender/receiver
encipher (encrypt) - converting plaintext to ciphertext
decipher (decrypt) - recovering ciphertext from plaintext
cryptography - study of encryption principles/methods
cryptanalysis (codebreaking) - study of principles/ methods of deciphering ciphertext without knowing key
cryptology - field of both cryptography and cryptanalysis
Слайд 6

Simple Substitution Plaintext: fourscoreandsevenyearsago Key: Ciphertext: IRXUVFRUHDAGVHYHABHDUVDIR Shift by 3 is “Caesar’s cipher” Plaintext Ciphertext

Simple Substitution

Plaintext: fourscoreandsevenyearsago
Key:

Ciphertext:
IRXUVFRUHDAGVHYHABHDUVDIR
Shift by 3 is “Caesar’s cipher”

Plaintext

Ciphertext

Слайд 7

Ceasar’s Cipher Decryption Plaintext: spongebobsquarepants Plaintext Ciphertext Suppose we know

Ceasar’s Cipher Decryption

Plaintext: spongebobsquarepants

Plaintext

Ciphertext

Suppose we know a Ceasar’s cipher is being

used
Ciphertext: VSRQJHEREVTXDUHSDQWU
Слайд 8

Not-so-Simple Substitution Shift by n for some n ∈ {0,1,2,…,25}

Not-so-Simple Substitution

Shift by n for some n ∈ {0,1,2,…,25}
Then key is

n
Example: key = 7

Plaintext

Ciphertext

Слайд 9

Cryptanalysis I: Try Them All A simple substitution (shift by

Cryptanalysis I: Try Them All

A simple substitution (shift by n) is

used
But the key is unknown
Given ciphertext: CSYEVIXIVQMREXIH
How to find the key?
Only 26 possible keys ⎯ try them all!
Exhaustive key search
Solution: key = 4
Слайд 10

Even-less-Simple Substitution Key is some permutation of letters Need not

Even-less-Simple Substitution

Key is some permutation of letters
Need not be a shift
For

example

Plaintext

Ciphertext

Then 26! > 288 possible keys!

Слайд 11

Cryptanalysis II: Be Clever We know that a simple substitution

Cryptanalysis II: Be Clever

We know that a simple substitution is used
But

not necessarily a shift by n
Can we find the key given ciphertext:
PBFPVYFBQXZTYFPBFEQJHDXXQVAPTPQJKTOYQWIPBVWLXTOXBTFXQWAXBVCXQWAXFQJVWLEQNTOZQGGQLFXQWAKVWLXQWAEBIPBFXFQVXGTVJVWLBTPQWAEBFPBFHCVLXBQUFEVWLXGDPEQVPQGVPPBFTIXPFHXZHVFAGFOTHFEFBQUFTDHZBQPOTHXTYFTODXQHFTDPTOGHFQPBQWAQJJTODXQHFOQPWTBDHHIXQVAPBFZQHCFWPFHPBFIPBQWKFABVYYDZBOTHPBQPQJTQOTOGHFQAPBFEQJHDXXQVAVXEBQPEFZBVFOJIWFFACFCCFHQWAUVWFLQHGFXVAFXQHFUFHILTTAVWAFFAWTEVOITDHFHFQAITIXPFHXAFQHEFZQWGFLVWPTOFFA
Слайд 12

Cryptanalysis II Can’t try all 288 simple substitution keys Can

Cryptanalysis II

Can’t try all 288 simple substitution keys
Can we be more

clever?
English letter frequency counts…
Слайд 13

Cryptanalysis II Ciphertext: PBFPVYFBQXZTYFPBFEQJHDXXQVAPTPQJKTOYQWIPBVWLXTOXBTFXQWAXBVCXQWAXFQJVWLEQNTOZQGGQLFXQWAKVWLXQWAEBIPBFXFQVXGTVJVWLBTPQWAEBFPBFHCVLXBQUFEVWLXGDPEQVPQGVPPBFTIXPFHXZHVFAGFOTHFEFBQUFTDHZBQPOTHXTYFTODXQHFTDPTOGHFQPBQWAQJJTODXQHFOQPWTBDHHIXQVAPBFZQHCFWPFHPBFIPBQWKFABVYYDZBOTHPBQPQJTQOTOGHFQAPBFEQJHDXXQVAVXEBQPEFZBVFOJIWFFACFCCFHQWAUVWFLQHGFXVAFXQHFUFHILTTAVWAFFAWTEVOITDHFHFQAITIXPFHXAFQHEFZQWGFLVWPTOFFA Ciphertext frequency counts: Decrypt this message using info below

Cryptanalysis II

Ciphertext:
PBFPVYFBQXZTYFPBFEQJHDXXQVAPTPQJKTOYQWIPBVWLXTOXBTFXQWAXBVCXQWAXFQJVWLEQNTOZQGGQLFXQWAKVWLXQWAEBIPBFXFQVXGTVJVWLBTPQWAEBFPBFHCVLXBQUFEVWLXGDPEQVPQGVPPBFTIXPFHXZHVFAGFOTHFEFBQUFTDHZBQPOTHXTYFTODXQHFTDPTOGHFQPBQWAQJJTODXQHFOQPWTBDHHIXQVAPBFZQHCFWPFHPBFIPBQWKFABVYYDZBOTHPBQPQJTQOTOGHFQAPBFEQJHDXXQVAVXEBQPEFZBVFOJIWFFACFCCFHQWAUVWFLQHGFXVAFXQHFUFHILTTAVWAFFAWTEVOITDHFHFQAITIXPFHXAFQHEFZQWGFLVWPTOFFA

Ciphertext frequency counts:

Decrypt this message using info below

Слайд 14

Comparison

Comparison

Слайд 15

Symmetric Cipher Model

Symmetric Cipher Model

Слайд 16

Requirements two requirements for secure use of symmetric encryption: a

Requirements

two requirements for secure use of symmetric encryption:
a strong encryption algorithm
a

secret key known only to sender / receiver
mathematically have:
Y = E(K, X)
X = D(K, Y)
assume encryption algorithm is known
implies a secure channel to distribute key
Слайд 17

Cryptography can characterize cryptographic system by: type of encryption operations

Cryptography

can characterize cryptographic system by:
type of encryption operations used
substitution
transposition
product
number of keys

used
single-key or private
two-key or public
way in which plaintext is processed
block
stream
Слайд 18

Cryptanalysis objective to recover key not just message general approaches:

Cryptanalysis

objective to recover key not just message
general approaches:
cryptanalytic attack
brute-force attack
if either

succeed all key use compromised
Слайд 19

Cryptanalytic Attacks ciphertext only only know algorithm & ciphertext, is

Cryptanalytic Attacks

ciphertext only
only know algorithm & ciphertext, is statistical, know

or can identify plaintext
known plaintext
know/suspect plaintext & ciphertext
chosen plaintext
select plaintext and obtain ciphertext
chosen ciphertext
select ciphertext and obtain plaintext
chosen text
select plaintext or ciphertext to en/decrypt
Слайд 20

An encryption scheme: computationally secure if The cost of breaking

An encryption scheme: computationally secure if
The cost of breaking the cipher

exceeds the value of information
The time required to break the cipher exceeds the lifetime of information
Слайд 21

Brute Force Search always possible to simply try every key

Brute Force Search

always possible to simply try every key
most basic

attack, proportional to key size
assume either know / recognise plaintext
Слайд 22

Symmetric Block Cipher Algorithms DES (Data Encryption Standard) 3DES (Triple DES) AES (Advanced Encryption Standard)

Symmetric Block Cipher Algorithms

DES (Data Encryption Standard)
3DES (Triple DES)
AES (Advanced Encryption

Standard)
Слайд 23

Data Encryption Standard (DES) most widely used block cipher in

Data Encryption Standard (DES)

most widely used block cipher in world
adopted

in 1977 by NBS (now NIST)
as FIPS PUB 46
encrypts 64-bit data using 56-bit key
has widespread use
has considerable controversy over its security
Слайд 24

DES History IBM developed Lucifer cipher by team led by

DES History

IBM developed Lucifer cipher
by team led by Feistel in late

60’s
used 64-bit data blocks with 128-bit key
then redeveloped as a commercial cipher with input from NSA and others
in 1973 NBS issued request for proposals for a national cipher standard
IBM submitted their revised Lucifer which was eventually accepted as the DES
Слайд 25

DES Design Controversy although DES standard is public, considerable controversy

DES Design Controversy

although DES standard is public, considerable controversy over design


in choice of 56-bit key (vs Lucifer 128-bit)
and because design criteria were classified
subsequent events and public analysis show in fact design was appropriate
use of DES has flourished
especially in financial applications
still standardised for legacy application use
Слайд 26

Time to Break a DES Code (assuming 106 decryptions/μs)

Time to Break a DES Code (assuming 106 decryptions/μs)

Слайд 27

Multiple Encryption & DES clear a replacement for DES was

Multiple Encryption & DES

clear a replacement for DES was needed
theoretical attacks

that can break it
demonstrated exhaustive key search attacks
AES is a new cipher alternative
prior to this alternative was to use multiple encryption with DES implementations
Triple-DES is the chosen form
Слайд 28

Triple DES

Triple DES

Слайд 29

Triple-DES with Two-Keys hence must use 3 encryptions would seem

Triple-DES with Two-Keys

hence must use 3 encryptions
would seem to need 3

distinct keys
but can use 2 keys with E-D-E sequence
C = EK1(DK2(EK1(P)))
nb encrypt & decrypt equivalent in security
if K1=K2 then can work with single DES
standardized in ANSI X9.17 & ISO8732
no current known practical attacks
several proposed impractical attacks might become basis of future attacks
Слайд 30

Why is the middle portion of 3DES a decryption rather

Why is the middle portion of 3DES a decryption rather than

an encryption?

it is compatible with the older single DES by repeating the key.

It is more secure

Decryption is faster than encryption

no cryptographic significance

A

B

C

D

Submit

Слайд 31

Triple-DES with Three-Keys although no practical attacks on two-key Triple-DES

Triple-DES with Three-Keys

although no practical attacks on two-key Triple-DES have some

concerns
Two-key: key length = 56*2 = 112 bits
Three-key: key length = 56*3 = 168 bits
can use Triple-DES with Three-Keys to avoid even these
C = EK3(DK2(EK1(P)))
has been adopted by some Internet applications, eg PGP, S/MIME
Слайд 32

Origins clearly a replacement for DES was needed have theoretical

Origins

clearly a replacement for DES was needed
have theoretical attacks that can

break it
have demonstrated exhaustive key search attacks
can use Triple-DES – but slow, has small blocks
US NIST issued call for ciphers in 1997
15 candidates accepted in Jun 98
5 were shortlisted in Aug-99
MARS
RC6
Rijndael
Serpent
Twofish
Rijndael was selected as the AES in Oct-2000
issued as FIPS PUB 197 standard in Nov-2001
Слайд 33

The AES Cipher - Rijndael designed by Rijmen-Daemen in Belgium

The AES Cipher - Rijndael

designed by Rijmen-Daemen in Belgium
has

128/192/256 bit keys, 128 bit data
an iterative rather than feistel cipher
processes data as block of 4 columns of 4 bytes
operates on entire data block in every round
designed to be:
resistant against known attacks
speed and code compactness on many CPUs
design simplicity
Слайд 34

AES Encryption Process

AES Encryption Process

Слайд 35

Comparison

Comparison

Слайд 36

Random Numbers many uses of random numbers in cryptography nonces

Random Numbers

many uses of random numbers in cryptography
nonces in authentication

protocols to prevent replay
session keys
public key generation
keystream for a one-time pad
in all cases its critical that these values be
statistically random, uniform distribution, independent
unpredictability of future values from previous values
true random numbers provide this
care needed with generated random numbers
Слайд 37

Pseudorandom Number Generators (PRNGs) often use deterministic algorithmic techniques to

Pseudorandom Number Generators (PRNGs)

often use deterministic algorithmic techniques to create “random

numbers”
although are not truly random
can pass many tests of “randomness”
known as “pseudorandom numbers”
created by “Pseudorandom Number Generators (PRNGs)”
Слайд 38

Random & Pseudorandom Number Generators

Random & Pseudorandom Number Generators

Слайд 39

PRNG Algorithm Design Purpose-built algorithms E.g. RC4 Algorithms based on

PRNG Algorithm Design

Purpose-built algorithms
E.g. RC4
Algorithms based on existing cryptographic algorithms
Symmetric

block ciphers
Asymmetric ciphers
Hash functions and message authentication codes
Слайд 40

Outline Symmetric encryption Block encryption algorithms Stream ciphers Cipher Block Modes

Outline

Symmetric encryption
Block encryption algorithms
Stream ciphers
Cipher Block Modes

Слайд 41

Stream Cipher Structure

Stream Cipher Structure

Слайд 42

Stream Cipher Properties some design considerations are: long period with

Stream Cipher Properties

some design considerations are:
long period with no repetitions
statistically

random
depends on large enough key, e.g. 128 bits
large linear complexity
properly designed, can be as secure as a block cipher with same size key
but usually simpler & faster
Слайд 43

Linear feedback shift register A 4-bit Fibonacci LFSR with its

Linear feedback shift register

A 4-bit Fibonacci LFSR with its state diagram.

The XOR gate provides feedback to the register that shifts bits from left to right. The maximal sequence consists of every possible state except the "0000" state.
Слайд 44

Слайд 45

RC4 a proprietary cipher owned by RSA DSI another Ron

RC4

a proprietary cipher owned by RSA DSI
another Ron Rivest design,

simple but effective
variable key size, byte-oriented stream cipher
widely used (web SSL/TLS, wireless WEP/WPA)
key forms random permutation of all 8-bit values
uses that permutation to scramble input info processed a byte at a time
Слайд 46

RC4 Security claimed secure against known attacks have some analyses,

RC4 Security

claimed secure against known attacks
have some analyses, none practical
result

is very non-linear
since RC4 is a stream cipher, must never reuse a key
have a concern with WEP, but due to key handling rather than RC4 itself
Слайд 47

Outline Symmetric encryption Block encryption algorithms Stream ciphers Cipher Block Modes

Outline

Symmetric encryption
Block encryption algorithms
Stream ciphers
Cipher Block Modes

Слайд 48

The Most Important Modes Electronic Codebook Mode (ECB) Cipher Block

The Most Important Modes

Electronic Codebook Mode (ECB)
Cipher Block Chaining Mode (CBC)
Cipher

Feedback Mode (CFB)
Counter Mode (CTR)
Слайд 49

Electronic Codebook Book (ECB) message is broken into independent blocks

Electronic Codebook Book (ECB)

message is broken into independent blocks which are

encrypted
each block is a value which is substituted, like a codebook, hence name
each block is encoded independently of the other blocks
Ci = EK(Pi)
uses: secure transmission of single values
Слайд 50

2021/3/4 Zimmerman Telegram februar 13605 fest 13732 finanzielle 13850 folgender 13918 frieden 17142 friedenschluss 17149

2021/3/4

Zimmerman Telegram

februar 13605
fest 13732
finanzielle 13850
folgender 13918
frieden 17142
friedenschluss 17149

Слайд 51

2021/3/4 Zimmerman Decryption UK decrypt part of the telegraphy

2021/3/4

Zimmerman Decryption

UK decrypt part of the telegraphy

Слайд 52

Advantages and Limitations of ECB message repetitions may show in

Advantages and Limitations of ECB

message repetitions may show in ciphertext
if

aligned with message block
particularly with data such as graphics
or with messages that change very little, which become a code-book analysis problem
weakness is due to the encrypted message blocks being independent
main use is sending a few blocks of data
Слайд 53

Cipher Block Chaining (CBC) message is broken into blocks linked

Cipher Block Chaining (CBC)

message is broken into blocks
linked together

in encryption operation
each previous cipher blocks is chained with current plaintext block, hence name
use Initial Vector (IV) to start process
Ci = EK(Pi XOR Ci-1)
C0 = IV
uses: bulk data encryption, authentication
Слайд 54

Cipher Block Chaining (CBC)

Cipher Block Chaining (CBC)

Слайд 55

Cipher FeedBack (CFB) message is treated as a stream of

Cipher FeedBack (CFB)

message is treated as a stream of bits
added

to the output of the block cipher
result is feed back for next stage (hence name)
standard allows any number of bit (1,8, 64 or 128 etc) to be fed back
denoted CFB-1, CFB-8, CFB-64, CFB-128 etc
most efficient to use all bits in block (64 or 128)
Ci = Pi XOR EK(Ci-1)
C0 = IV
uses: stream data encryption, authentication
Слайд 56

s-bit Cipher FeedBack (CFB-s)

s-bit Cipher FeedBack (CFB-s)

Слайд 57

Advantages and Limitations of CFB appropriate when data arrives in

Advantages and Limitations of CFB

appropriate when data arrives in bits/bytes
most

common stream mode
Limitation: need to stall while doing block encryption after every n-bits
note that the block cipher is used in encryption mode at both ends
errors propagate for several blocks after the error
Слайд 58

Counter (CTR) a “new” mode, though proposed early on similar

Counter (CTR)

a “new” mode, though proposed early on
similar to OFB but

encrypts counter value rather than any feedback value
must have a different key & counter value for every plaintext block (never reused)
Oi = EK(i)
Ci = Pi XOR Oi
uses: high-speed network encryptions
Слайд 59

Counter (CTR)

Counter (CTR)

Слайд 60

Advantages and Limitations of CTR efficiency can do parallel encryptions

Advantages and Limitations of CTR

efficiency
can do parallel encryptions in h/w or

s/w
can preprocess in advance of need
good for bursty high speed links
random access to encrypted data blocks
provable security (good as other modes)
but must ensure never reuse key/counter values, otherwise could break (cf OFB)
Слайд 61

Output Feedback Mode (OFB)

Output Feedback Mode (OFB)

Имя файла: Network-Security.-Essentials.-Chapter-2.pptx
Количество просмотров: 73
Количество скачиваний: 0
- Предыдущая
Angina pectoris
Следующая -
Создание эффективной системы управления производственными процессами

Похожие презентации

Экономическая психология
Планирование работы по коррекции различных форм дисграфии
Метеовеличины. Атмосферное давление
Применение производной для решения задач
Охраняемые животные Крыма
Е. Благинина Кукушка и Котёнок
Учебно-методические комплексы для начальной школы
Добро и зло
Ипотека для молодых учителей
Урок-проект: Прямое плетение из бумаги
Объект уголовного правонарушения
От героев былых времен... Презентация для классного часа
Дзержинский Феликс Эдмундович
Презентация к 200 юбилею М.Ю. Лермонтова
Технологии разработки Internet-приложений
Кровеносная система
Киберпреступность
Тушение пожаров на железнодорожном транспорте
Реклама и PR в комплексе интегрированных коммуникаций
Моделирование процессов разработки нефтяного месторождения
Механизм поддержания равновесия в модели IS–LM посредством мостиков, связывающих рынки товаров и денег
Кл.час с использованием проектной деятельности Тема: Люблю березку русскую
Технология 3D - MID
Измерение углов. Транспортир.
Презентация проекта Моя семья - моя радость!
Из истории пионерской организации Красноэховской школы
Нейроэндокринные опухоли поджелудочной железы
Система счисления
Обратная связь
Email: Нажмите что бы посмотреть